Archive | Countermeasures


27 August 2006 | 15,638 views

Sophos Offers Free Rootkit Detection Tool/Software

Ah, here at Darknet we have always been fans of Sophos and the way they operate, a very efficient company, and it is good to see good technical products still coming out of the UK! Another good move by them: they have decided to offer a free rootkit detection tool called Sophos Anti-Rootkit. Yah I know, not [...]



12 August 2006 | 9,162 views

TCPReplay suite 3.0.beta10 Released

Another good tool updated! TCPReplay suite 3.0.beta10 has been released. For those that don’t know, Tcpreplay is a suite of BSD-licensed tools written by Aaron Turner for *NIX operating systems which gives you the ability to use previously captured traffic in libpcap format to test a variety of network devices. It allows you to [...]



10 August 2006 | 4,544 views

OWASP – Fortify Bug Taxonomy

Ah at last a good solid collaborative effort to identify and categorise software vulnerabilities with a solid taxonomy and good organisation! It seems very well written too in terms that anyone familiar with software development or programming can understand. Fortify Software, which identifies and remediates software vulnerabilities, has contributed its collection of 115 types of [...]



01 August 2006 | 13,656 views

SpikeSource Spike PHP Security Audit Tool

Spike is an Open Source tool based on the popular RATS C-based auditing tool, implemented for PHP. Spike basically does static analysis of PHP code for security exploits. PHP5 and call-time pass-by-reference are currently required, but a PHP4 version is coming out this week. This tool is especially welcomed by Darknet as [...]



28 July 2006 | 6,493 views

BASE 1.2.6 Released (Basic Analysis & Security Engine)

We are happy to announce that the 1.2.6 (christine) release of the Basic Analysis and Security Engine (BASE) is available. BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts [...]



11 July 2006 | 15,734 views

HoneyBot – A Windows Based Honeypot

HoneyBOT is a Windows-based medium-interaction honeypot solution. What is a Honeypot? A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the [...]



06 July 2006 | 7,152 views

A Forensic Analysis of the Lost Veteran’s Administration Laptop

An interesting speculative post on the forensics techniques that would most likely be used by the FBI during the investigation of the recovered Veteran’s Administration laptop. Most of them are pretty straightforward if you have any kind of experience with digital forensics and data recovery (disaster recovery, incident response etc.) As a former Computer [...]



29 June 2006 | 7,678 views

Shadowserver Battles the Botnets

Botnets are indeed a growing problem. We’ve seen serious cases of DDoS extortion; the most recent example would be the attacks against the ‘million dollar homepage’ and the problems it caused the owner. Botnets have been used for quite some time as spam networks and mostly for script kiddies to have DoS wars on IRC [...]



22 June 2006 | 8,525 views

Botnets and Phishing Numbers Increasing Despite Crackdown

Botnets and organised cybercrime are getting more prevalent; it seems they are increasing exponentially despite crackdowns by the US governments and other organisations. The criminals are getting more advanced, phishing scams are getting more realistic, technically trojans are getting more effective and the groups are getting really organised. Cybercrooks are organizing better and moving to more [...]



14 June 2006 | 7,913 views

Spam – A Simple Guide To Keeping Your Inbox Clean

In my opinion, the best way to keep clean of spam is simple: The first rule is NEVER reply to spam, NEVER click the unsubscribe link and NEVER e-mail to the unsubscribe address. These are simply underhand tactics to get ‘active’ e-mail addresses. Some other tips to avoid getting spammed in the first place: 1) [...]
